Redirection policies for mission-based information sharing

Authors:
David Keppler;Vipin Swarup;Sushil Jajodia
Affiliations:
The MITRE Corporation, McLean, VA;The MITRE Corporation, McLean, VA;The MITRE Corporation, McLean, VA
Venue:
Proceedings of the eleventh ACM symposium on Access control models and technologies
Year:
2006

Citing 12
Cited 1

A unified framework for enforcing multiple access control policies

SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
Flexible team-based access control using contexts

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Flexible support for multiple access control policies

ACM Transactions on Database Systems (TODS)
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Binder, a Logic-Based Security Language

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
The many faces of publish/subscribe

ACM Computing Surveys (CSUR)
A Logical Language for Expressing Authorizations

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Automated Trust Negotiation

Automated Trust Negotiation
Role-based access control for publish/subscribe middleware architectures

Proceedings of the 2nd international workshop on Distributed event-based systems
Purpose based access control of complex data for privacy protection

Proceedings of the tenth ACM symposium on Access control models and technologies
Self-organizing publish/subscribe

DSM '05 Proceedings of the 2nd international doctoral symposium on Middleware
Maintaining privacy on derived objects

Proceedings of the 2005 ACM workshop on Privacy in the electronic society

Regulating Exceptions in Healthcare Using Policy Spaces

Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

When an access decision function denies a data access request by a mission participant in a mission-critical situation, the mission often suffers. In this paper, we propose a sharing control mechanism that computes and executes requests that are mission-related to denied requests. We extend the Flexible Authorization Framework (FAF)with predicates and hierarchies that permit us to specify authorization rules over denied requests and mission-specific relationships. We illustrate our techniques using a prototypical information sharing scenario, namely an emergency first-responder scenario.